Replace fmt.Sprintf with hex.EncodeToString (#21960)

`hex.EncodeToString` has better performance than `fmt.Sprintf("%x",
[]byte)`, we should use it as much as possible.

I'm not an extreme fan of performance, so I think there are some
exceptions:

- `fmt.Sprintf("%x", func(...)[N]byte())`
- We can't slice the function return value directly, and it's not worth
adding lines.
    ```diff
    func A()[20]byte { ... }
    - a := fmt.Sprintf("%x", A())
    - a := hex.EncodeToString(A()[:]) // invalid
    + tmp := A()
    + a := hex.EncodeToString(tmp[:])
    ```
- `fmt.Sprintf("%X", []byte)`
- `strings.ToUpper(hex.EncodeToString(bytes))` has even worse
performance.
forgejo
Jason Song 2022-11-28 19:19:18 +08:00 committed by GitHub
parent e81ccc406b
commit 9607750b5e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 30 additions and 28 deletions

View File

@ -9,6 +9,7 @@ import (
"crypto/subtle" "crypto/subtle"
"encoding/base32" "encoding/base32"
"encoding/base64" "encoding/base64"
"encoding/hex"
"fmt" "fmt"
"code.gitea.io/gitea/models/db" "code.gitea.io/gitea/models/db"
@ -78,7 +79,7 @@ func (t *TwoFactor) GenerateScratchToken() (string, error) {
// HashToken return the hashable salt // HashToken return the hashable salt
func HashToken(token, salt string) string { func HashToken(token, salt string) string {
tempHash := pbkdf2.Key([]byte(token), []byte(salt), 10000, 50, sha256.New) tempHash := pbkdf2.Key([]byte(token), []byte(salt), 10000, 50, sha256.New)
return fmt.Sprintf("%x", tempHash) return hex.EncodeToString(tempHash)
} }
// VerifyScratchToken verifies if the specified scratch token is valid. // VerifyScratchToken verifies if the specified scratch token is valid.

View File

@ -5,12 +5,12 @@ package base
import ( import (
"crypto/sha256" "crypto/sha256"
"fmt" "encoding/hex"
"golang.org/x/crypto/pbkdf2" "golang.org/x/crypto/pbkdf2"
) )
func HashToken(token, salt string) string { func HashToken(token, salt string) string {
tempHash := pbkdf2.Key([]byte(token), []byte(salt), 10000, 50, sha256.New) tempHash := pbkdf2.Key([]byte(token), []byte(salt), 10000, 50, sha256.New)
return fmt.Sprintf("%x", tempHash) return hex.EncodeToString(tempHash)
} }

View File

@ -5,7 +5,7 @@ package v1_14 //nolint
import ( import (
"crypto/sha256" "crypto/sha256"
"fmt" "encoding/hex"
"golang.org/x/crypto/argon2" "golang.org/x/crypto/argon2"
"golang.org/x/crypto/bcrypt" "golang.org/x/crypto/bcrypt"
@ -53,7 +53,7 @@ func RecalculateUserEmptyPWD(x *xorm.Engine) (err error) {
tempPasswd = pbkdf2.Key([]byte(passwd), []byte(salt), 10000, 50, sha256.New) tempPasswd = pbkdf2.Key([]byte(passwd), []byte(salt), 10000, 50, sha256.New)
} }
return fmt.Sprintf("%x", tempPasswd) return hex.EncodeToString(tempPasswd)
} }
// ValidatePassword checks if given password matches the one belongs to the user. // ValidatePassword checks if given password matches the one belongs to the user.

View File

@ -401,7 +401,7 @@ func hashPassword(passwd, salt, algo string) (string, error) {
tempPasswd = pbkdf2.Key([]byte(passwd), saltBytes, 10000, 50, sha256.New) tempPasswd = pbkdf2.Key([]byte(passwd), saltBytes, 10000, 50, sha256.New)
} }
return fmt.Sprintf("%x", tempPasswd), nil return hex.EncodeToString(tempPasswd), nil
} }
// SetPassword hashes a password using the algorithm defined in the config value of PASSWORD_HASH_ALGO // SetPassword hashes a password using the algorithm defined in the config value of PASSWORD_HASH_ALGO

View File

@ -4,7 +4,7 @@
package packages package packages
import ( import (
"fmt" "encoding/hex"
"io" "io"
"strings" "strings"
"testing" "testing"
@ -36,10 +36,10 @@ func TestHashedBuffer(t *testing.T) {
assert.Equal(t, c.Data, string(data)) assert.Equal(t, c.Data, string(data))
hashMD5, hashSHA1, hashSHA256, hashSHA512 := buf.Sums() hashMD5, hashSHA1, hashSHA256, hashSHA512 := buf.Sums()
assert.Equal(t, c.HashMD5, fmt.Sprintf("%x", hashMD5)) assert.Equal(t, c.HashMD5, hex.EncodeToString(hashMD5))
assert.Equal(t, c.HashSHA1, fmt.Sprintf("%x", hashSHA1)) assert.Equal(t, c.HashSHA1, hex.EncodeToString(hashSHA1))
assert.Equal(t, c.HashSHA256, fmt.Sprintf("%x", hashSHA256)) assert.Equal(t, c.HashSHA256, hex.EncodeToString(hashSHA256))
assert.Equal(t, c.HashSHA512, fmt.Sprintf("%x", hashSHA512)) assert.Equal(t, c.HashSHA512, hex.EncodeToString(hashSHA512))
assert.NoError(t, buf.Close()) assert.NoError(t, buf.Close())
} }

View File

@ -4,7 +4,7 @@
package packages package packages
import ( import (
"fmt" "encoding/hex"
"testing" "testing"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
@ -24,10 +24,10 @@ func TestMultiHasherSums(t *testing.T) {
hashMD5, hashSHA1, hashSHA256, hashSHA512 := h.Sums() hashMD5, hashSHA1, hashSHA256, hashSHA512 := h.Sums()
assert.Equal(t, expectedMD5, fmt.Sprintf("%x", hashMD5)) assert.Equal(t, expectedMD5, hex.EncodeToString(hashMD5))
assert.Equal(t, expectedSHA1, fmt.Sprintf("%x", hashSHA1)) assert.Equal(t, expectedSHA1, hex.EncodeToString(hashSHA1))
assert.Equal(t, expectedSHA256, fmt.Sprintf("%x", hashSHA256)) assert.Equal(t, expectedSHA256, hex.EncodeToString(hashSHA256))
assert.Equal(t, expectedSHA512, fmt.Sprintf("%x", hashSHA512)) assert.Equal(t, expectedSHA512, hex.EncodeToString(hashSHA512))
}) })
t.Run("State", func(t *testing.T) { t.Run("State", func(t *testing.T) {
@ -45,9 +45,9 @@ func TestMultiHasherSums(t *testing.T) {
hashMD5, hashSHA1, hashSHA256, hashSHA512 := h2.Sums() hashMD5, hashSHA1, hashSHA256, hashSHA512 := h2.Sums()
assert.Equal(t, expectedMD5, fmt.Sprintf("%x", hashMD5)) assert.Equal(t, expectedMD5, hex.EncodeToString(hashMD5))
assert.Equal(t, expectedSHA1, fmt.Sprintf("%x", hashSHA1)) assert.Equal(t, expectedSHA1, hex.EncodeToString(hashSHA1))
assert.Equal(t, expectedSHA256, fmt.Sprintf("%x", hashSHA256)) assert.Equal(t, expectedSHA256, hex.EncodeToString(hashSHA256))
assert.Equal(t, expectedSHA512, fmt.Sprintf("%x", hashSHA512)) assert.Equal(t, expectedSHA512, hex.EncodeToString(hashSHA512))
}) })
} }

View File

@ -8,9 +8,9 @@ import (
"crypto/sha1" "crypto/sha1"
"crypto/sha256" "crypto/sha256"
"crypto/sha512" "crypto/sha512"
"encoding/hex"
"encoding/xml" "encoding/xml"
"errors" "errors"
"fmt"
"io" "io"
"net/http" "net/http"
"path/filepath" "path/filepath"
@ -128,7 +128,7 @@ func serveMavenMetadata(ctx *context.Context, params parameters) {
tmp := sha512.Sum512(xmlMetadataWithHeader) tmp := sha512.Sum512(xmlMetadataWithHeader)
hash = tmp[:] hash = tmp[:]
} }
ctx.PlainText(http.StatusOK, fmt.Sprintf("%x", hash)) ctx.PlainText(http.StatusOK, hex.EncodeToString(hash))
return return
} }

View File

@ -4,7 +4,7 @@
package pypi package pypi
import ( import (
"fmt" "encoding/hex"
"io" "io"
"net/http" "net/http"
"regexp" "regexp"
@ -118,7 +118,7 @@ func UploadPackageFile(ctx *context.Context) {
_, _, hashSHA256, _ := buf.Sums() _, _, hashSHA256, _ := buf.Sums()
if !strings.EqualFold(ctx.Req.FormValue("sha256_digest"), fmt.Sprintf("%x", hashSHA256)) { if !strings.EqualFold(ctx.Req.FormValue("sha256_digest"), hex.EncodeToString(hashSHA256)) {
apiError(ctx, http.StatusBadRequest, "hash mismatch") apiError(ctx, http.StatusBadRequest, "hash mismatch")
return return
} }

View File

@ -5,6 +5,7 @@ package packages
import ( import (
"context" "context"
"encoding/hex"
"errors" "errors"
"fmt" "fmt"
"io" "io"
@ -229,10 +230,10 @@ func NewPackageBlob(hsr packages_module.HashedSizeReader) *packages_model.Packag
return &packages_model.PackageBlob{ return &packages_model.PackageBlob{
Size: hsr.Size(), Size: hsr.Size(),
HashMD5: fmt.Sprintf("%x", hashMD5), HashMD5: hex.EncodeToString(hashMD5),
HashSHA1: fmt.Sprintf("%x", hashSHA1), HashSHA1: hex.EncodeToString(hashSHA1),
HashSHA256: fmt.Sprintf("%x", hashSHA256), HashSHA256: hex.EncodeToString(hashSHA256),
HashSHA512: fmt.Sprintf("%x", hashSHA512), HashSHA512: hex.EncodeToString(hashSHA512),
} }
} }